Sign-up

VARIoT news about IoT security

U.S. CISA adds Microsoft Power Pages flaw to its Known Exploited Vulnerabilities catalog

Trust: 3.75

Fetched: March 23, 2025, 9:29 a.m., Published: Feb. 23, 2025, 3:07 p.m.
 Vulnerabilities: privilege escalation, improper access control, access control flaw
Affected productsExternal IDs
db: NVD ids: CVE-2025-24989

System BIOS dla komputera Dell Embedded Box PC 3000 | Szczegóły sterownika | Dell Polska

Trust: 3.0

Fetched: March 23, 2025, 9:28 a.m., Published: March 23, 3000, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: embedded box pc
vendor: dell model: bios

System BIOS komputera Dell Latitude 7350 z odłączanym ekranem | Szczegóły sterownika | Dell Polska

Trust: 3.0

Fetched: March 23, 2025, 9:26 a.m., Published: March 23, 7350, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios
vendor: dell model: latitude
vendor: dell model: latitude 7350

Google Chrome Vulnerability: CVE-2025-24201 Out of bounds write in GPU on Mac

Trust: 3.75

Fetched: March 23, 2025, 9:26 a.m., Published: April 9, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome
db: NVD ids: CVE-2025-24201

System BIOS w wersji R5 do komputerów Alienware m15 | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: March 23, 2025, 9:26 a.m., Published: March 5, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios

Akira Ransomware: Webcam Exploitation Threatens Windows Users | Windows Forum

Trust: 3.75

Fetched: March 23, 2025, 9:25 a.m., Published: May 23, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: trend model: antivirus
vendor: trend model: security
db: NVD ids: CVE-2024-40711

Cato CTRL: Ballista - New IoT Botnet Targeting Thousands of TP-Link Archer Routers | Cato Networks

Related entries in the VARIoT vulnerabilities database: VAR-202303-1268

Trust: 4.5

Fetched: March 23, 2025, 9:24 a.m., Published: March 11, 2025, 9:46 a.m.
 Vulnerabilities: code execution, denial of service, command execution
Affected productsExternal IDs
vendor: tp-link model: routers
db: NVD ids: CVE-2023-1389

PHP RCE Vulnerability Actively Exploited in Wild to Attack Windows-based Systems

Trust: 4.0

Fetched: March 23, 2025, 9:23 a.m., Published: March 19, 2025, 12:06 p.m.
 Vulnerabilities: command execution
Affected productsExternal IDs
db: NVD ids: CVE-2024-4577

Cisco Nexus 3000 and 9000 Series Switches Health Monitoring Diagnostics Denial of Service Vulnerability

Trust: 4.0

Fetched: March 23, 2025, 9:22 a.m., Published: Feb. 26, 2025, 3:52 p.m.
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: cisco model: series switches
vendor: cisco model: nexus 9000
vendor: cisco model: nx-os
vendor: cisco model: series
vendor: cisco model: cisco nx-os
vendor: cisco model: nexus
vendor: cisco model: nx-os software
vendor: cisco model: nexus 7000
vendor: cisco model: nexus 3000
vendor: cisco model: nexus 9000 series

Update Canonical Ubuntu Server: USN-7353-1: PlantUML vulnerability

Trust: 4.25

Fetched: March 23, 2025, 9:22 a.m., Published: Jan. 23, 7353, midnight
 Vulnerabilities: denial of service
Affected productsExternal IDs
vendor: canonical model: ubuntu

Protect Your Smart Devices from IoT Vulnerabilities

Trust: 3.0

Fetched: March 23, 2025, 9:21 a.m., Published: March 9, 2025, midnight
 Vulnerabilities: default password
Affected productsExternal IDs

Threat Actors Exploiting Chrome DLL Side-Loading Vulnerability to Execute Malware

Trust: 3.75

Fetched: March 23, 2025, 9:20 a.m., Published: March 19, 2025, 12:16 p.m.
 Vulnerabilities: code execution
Affected productsExternal IDs
vendor: google model: chrome
vendor: google model: google chrome

PolarEdge: Unveiling an uncovered ORB network - Sekoia.io Blog

Related entries in the VARIoT vulnerabilities database: VAR-202304-1067

Trust: 4.25

Fetched: March 23, 2025, 9:18 a.m., Published: Feb. 25, 2025, 8:01 a.m.
 Vulnerabilities: command injection, code execution
Affected productsExternal IDs
vendor: asus model: asus
vendor: asus model: rt-ax88u
vendor: asus model: rt-ac58u
vendor: asus model: routers
vendor: asus model: router
vendor: cisco model: rv082
vendor: cisco model: rv042g
vendor: cisco model: rv340
vendor: cisco model: rv016
vendor: cisco model: cisco small business
vendor: cisco model: rv320
vendor: cisco model: small business
vendor: cisco model: routers
vendor: cisco model: rv325
vendor: cisco model: rv345
vendor: cisco model: rv042
vendor: cisco model: router
vendor: cisco model: cisco routers
vendor: huawei model: huawei
db: NVD ids: CVE-2023-20118

Critical Vulnerabilities in Schneider Electric's Enerlin’X Devices Threaten Windows Networks | Windows Forum

Trust: 3.75

Fetched: March 23, 2025, 9:18 a.m., Published: May 23, 2025, midnight
 Vulnerabilities: -
Affected productsExternal IDs
db: NVD ids: CVE-2025-0814, CVE-2025-0815, CVE-2025-0816

Multiple Vulnerabilities Discovered in a SCADA System

Trust: 4.25

Fetched: March 23, 2025, 9:17 a.m., Published: March 7, 2025, 3:34 p.m.
 Vulnerabilities: uncontrolled search path, code execution, path element vulnerability
Affected productsExternal IDs
vendor: iconics model: genesis32
vendor: iconics model: genesis64
db: NVD ids: CVE-2024-1182, CVE-2024-8300, CVE-2024-7587, CVE-2024-8299, CVE-2024-9852

A Survey on Programmable Logic Controller Vulnerabilities, Attacks, Detections, and Forensics

Trust: 4.25

Fetched: March 23, 2025, 9:13 a.m., Published: March 17, 2023, midnight
 Vulnerabilities: information leakage, memory corruption, denial of service...
Affected productsExternal IDs
vendor: rockwell model: rslogix 5000
vendor: rockwell model: rslogix
vendor: siemens model: tia portal
vendor: codesys model: control
vendor: codesys model: web server
vendor: codesys model: codesys
vendor: codesys model: runtime
vendor: general electric model: historian

Vulnerability in Philips management system allows hackers to gain control of device - Becker's Hospital Review | Healthcare News & Analysis

Trust: 3.25

Fetched: March 23, 2025, 9:06 a.m., Published: Oct. 25, 2019, 4:09 p.m.
 Vulnerabilities: -
Affected productsExternal IDs
vendor: philips model: intellispace perinatal

CVE-2024-51138 - vulnerability database | Vulners.com

Trust: 3.0

Fetched: March 21, 2025, 10:07 a.m., Published: Feb. 27, 2025, 9:15 p.m.
 Vulnerabilities: code execution, buffer overflow
Affected productsExternal IDs
db: NVD ids: CVE-2024-51138

Unveiling Security Weaknesses in Autonomous Driving Systems: An In-Depth Empirical Study

Trust: 3.75

Fetched: March 21, 2025, 10:05 a.m., Published: March 1, 2025, midnight
 Vulnerabilities: integer overflow
Affected productsExternal IDs

System BIOS dla komputera Dell Inspiron 3030 | Szczegóły sterownika | Dell Polska

Trust: 3.25

Fetched: March 21, 2025, 10:05 a.m., Published: March 21, 3030, midnight
 Vulnerabilities: -
Affected productsExternal IDs
vendor: dell model: bios